{"summary":{"analyzed":true,"build_worthy":false,"build_worthy_family_key":"booking-revenue","build_worthy_family_name":"booking revenue assurance","build_worthy_reason":"This row is supporting evidence for the linked opportunity family; use the family card, not this row, for the build decision.","build_worthy_scope":"opportunity_family","comments_returned":3,"commercial_card_missing_count":0,"commercial_card_status":"complete","commercial_context_status":"linked_opportunity","commercial_context_status_label":"Evidence linked to opportunity","evidence_context_status":"linked_opportunity","evidence_context_status_label":"Evidence linked to opportunity","evidence_role":"supports_opportunity_family","evidence_role_label":"Evidence supporting opportunity family","evidence_role_reason":"This row is supporting evidence for the linked opportunity family; use the family card, not this row, for the build decision.","intelligence_role":"supporting_evidence","intelligence_role_label":"Supporting evidence","is_build_worthy":false,"opportunity_context_status":"linked_opportunity","opportunity_context_status_label":"Evidence linked to opportunity","opportunity_decision_status":"supporting_evidence","opportunity_decision_status_label":"Supporting evidence","opportunity_relevance":0.94,"plugin_name":"Events Widgets For Elementor And The Events Calendar","promotion_reason":"This row is supporting evidence linked to a commercial opportunity family, not the build-worthy opportunity itself.","promotion_status":"linked_opportunity","promotion_status_label":"Evidence linked to opportunity","recommendation_role":"evidence_input","recommendation_role_label":"Evidence input","reply_count":3,"row_is_build_worthy":false,"row_is_opportunity":false,"row_role":"supporting_evidence","row_role_label":"Supporting evidence","sentiment":"mixed","severity":"high","slug":"events-widgets-for-elementor-and-the-events-calendar","source":"support","source_link_count":2,"url":"https://wordpress.org/support/topic/security-vulnerabilities-identified-in-moment-js-v2-24-0/","worth_validating":false,"source_count":0,"source_evidence_summary":{"total":35,"source_evidence_rows":7,"source_link_rows":7,"source_count_only_rows":0,"missing_source_evidence_rows":28,"source_evidence_not_applicable_rows":0,"source_link_coverage_percent":20.0,"evidence_required_rows":0,"evidence_required_rows_missing_source_links":0,"build_worthy_rows_missing_source_links":0,"decision_rows_missing_source_links":0,"missing_source_examples":[]},"commercial_readiness":{"total":35,"validation_ready":0,"core_validation_ready_rows":0,"family_wide_validation_ready_rows":0,"core_only_validation_ready_rows":0,"validation_scope_status":"not_ready","validation_scope_label":"Not ready","validation_scope_warning":"","validation_scope_counts":[{"scope":"not_validation_ready","label":"Not validation-ready","count":35}],"blocker_count":68,"caution_count":0,"status_counts":[{"status":"needs_external_proof","label":"Needs outside proof","count":34},{"status":"needs_family_proof","label":"Needs family proof","count":1}],"blocker_counts":[{"label":"Outside proof needed: not validated","count":34},{"label":"Commercial gate not complete: proof blocked","count":34}],"caution_counts":[],"ready_for_buyer_validation":0,"needs_external_proof":34,"needs_family_proof":1,"needs_report":0,"needs_thesis_detail":0,"needs_thesis_sharpening":0,"research_first":0,"research_only":0,"hold":0,"unclassified":0,"core_wedge_validation_ready_rows":0,"full_family_validation_ready_rows":0,"scope_limited_validation_rows":0,"full_family_claim_ready_rows":0,"validation_claim_scope_policy":"Core-only validation rows are worth buyer testing, but they must not be presented as full-family commercial opportunities until family_wide_validation_ready is true."},"commercial_readiness_summary":{"status":"needs_family_proof","label":"Needs family proof","validation_ready":false,"family_key":"booking-revenue","family_name":"booking revenue assurance","decision_bucket":"proof_blocked","decision_bucket_label":"Proof Blocked","proof_status":"validated_core","proof_status_label":"Validated core","commercial_gate_status":"complete","commercial_gate_label":"Gate complete","commercial_gate_passed":7,"commercial_gate_total":7,"commercial_card_status":"complete","commercial_card_complete":true,"commercial_card_missing_count":0,"blockers":[],"blocker_count":0,"cautions":[],"caution_count":0,"next_action":"Finish the missing outside proof, then test buyer urgency with service businesses taking online bookings: test events availability, booking notifications, payment handoffs, and calendar sync.","dossier_url":"/opportunities/families/booking-revenue/dossier","dossier_api_url":"/api/opportunities/families/booking-revenue/dossier"},"readiness_summary":{"status":"needs_family_proof","label":"Needs family proof","validation_ready":false,"family_key":"booking-revenue","family_name":"booking revenue assurance","decision_bucket":"proof_blocked","decision_bucket_label":"Proof Blocked","proof_status":"validated_core","proof_status_label":"Validated core","commercial_gate_status":"complete","commercial_gate_label":"Gate complete","commercial_gate_passed":7,"commercial_gate_total":7,"commercial_card_status":"complete","commercial_card_complete":true,"commercial_card_missing_count":0,"blockers":[],"blocker_count":0,"cautions":[],"caution_count":0,"next_action":"Finish the missing outside proof, then test buyer urgency with service businesses taking online bookings: test events availability, booking notifications, payment handoffs, and calendar sync.","dossier_url":"/opportunities/families/booking-revenue/dossier","dossier_api_url":"/api/opportunities/families/booking-revenue/dossier"},"cache_source":"durable_research_stale","cache_age_seconds":8811,"payload_mode":"compact","full_payload_url":"/api/evidence/source?full=true&compact_schema=evidence-source-v2&url=https%3A//wordpress.org/support/topic/security-vulnerabilities-identified-in-moment-js-v2-24-0/&comment_limit=80&text_limit=12000","row_key":"rows","source_row_key":"rows","rows_shown":1,"comments_shown":3,"evidence_summary":{"total":1,"source_evidence_rows":0,"source_link_rows":1,"source_count_only_rows":0,"missing_source_evidence_rows":0,"source_evidence_not_applicable_rows":0,"source_link_coverage_percent":100.0,"evidence_required_rows":0,"evidence_required_rows_missing_source_links":0,"build_worthy_rows_missing_source_links":0,"decision_rows_missing_source_links":0,"missing_source_examples":[]}},"rows":[{"section":"source","row_type":"source","url":"https://wordpress.org/support/topic/security-vulnerabilities-identified-in-moment-js-v2-24-0/","slug":"events-widgets-for-elementor-and-the-events-calendar","plugin_name":"Events Widgets For Elementor And The Events Calendar","source":"support","sentiment":"mixed","severity":"high","opportunity_relevance":0.94,"reply_count":3,"comments_returned":3,"analyzed":true,"source_link_count":2,"title":"Security Vulnerabilities Identified in moment.js v2.24.0","author":"grreingold2","published_at":"2025-10-16T15:44:00+00:00","resolved":true,"collected_at":"2026-06-10T08:15:59+00:00","intent":"question","affected_feature":"elementor","summary":"Security Vulnerabilities Identified in moment.js v2.24.0: users show security, bugs, compatibility pain that may indicate a product gap.","evidence_quote":"Security Vulnerabilities Identified in moment.js v2.24.0 During a recent security scan conducted earlier this week, we identified that your plugin is using the JavaScript library moment.js, version 2.24.0 , which contains known major vulnerabilities: CVE-2022-31129...","confidence":0.68,"analyzed_at":"2026-06-10T08:16:04+00:00","market_key":"events","market_name":"Events","market_url":"/markets/events","opportunity_url":"/opportunities/events","family_key":"booking-revenue","family_name":"booking revenue assurance","opportunity_family_key":"booking-revenue","opportunity_family_name":"booking revenue assurance","buyer":"service businesses and booking-site builders","what_to_build":"Events booking flow assurance for keeping booking availability and appointment flows working","urgent_problem":"Booking failures directly cost appointments, staff time, and customer trust.","problem":"Booking failures directly cost appointments, staff time, and customer trust.","competitor_gap":"Gap to test: can buyers test events availability, booking notifications, payment handoffs, and calendar sync before booking, payment, and calendar-flow risk. pain: booking or availability failure risk (8 signals). weak-incumbent evidence gives 206 teardown signal(s). Entry...","proof_support":"Proof base: outside proof that buyers already pay around the workflow, paid-adjacent plugin or pricing signals, repeated WordPress pain, and weak incumbent coverage around keeping booking availability and appointment flows working.","needs_validation":"finish the missing outside proof, then test buyer urgency with service businesses taking online bookings: test events availability, booking notifications, payment handoffs, and calendar sync.","what_still_needs_validation":"finish the missing outside proof, then test buyer urgency with service businesses taking online bookings: test events availability, booking notifications, payment handoffs, and calendar sync.","commercial_attractiveness":"Commercial pull comes from service businesses taking online bookings: booking failures directly cost appointments, staff time, and customer trust. The first paid wedge is to test events availability, booking notifications, payment handoffs, and calendar sync. Revenue can...","first_validation_wedge":"test events availability, booking notifications, payment handoffs, and calendar sync","mvp_wedge":"test events availability, booking notifications, payment handoffs, and calendar sync","decision_bucket":"proof_blocked","decision_bucket_label":"Proof Blocked","row_role":"supporting_evidence","recommendation_role":"evidence_input","evidence_role":"supports_opportunity_family","promotion_status":"linked_opportunity","promotion_status_label":"Evidence linked to opportunity","promotion_reason":"This row is supporting evidence linked to a commercial opportunity family, not the build-worthy opportunity itself.","is_build_worthy":false,"worth_validating":false,"build_worthy_scope":"opportunity_family","build_worthy_family_key":"booking-revenue","opportunity_decision_status":"supporting_evidence","body_summary":"During a recent security scan conducted earlier this week, we identified that your plugin is using the JavaScript library moment.js, version 2.24.0 , which contains known major vulnerabilities: CVE-2022-31129...","issue_labels":["security","bugs","compatibility","support"],"source_links":[{"source_url":"https://wordpress.org/support/topic/security-vulnerabilities-identified-in-moment-js-v2-24-0/","url":"https://wordpress.org/support/topic/security-vulnerabilities-identified-in-moment-js-v2-24-0/","original_url":"https://wordpress.org/support/topic/security-vulnerabilities-identified-in-moment-js-v2-24-0/","source_page_url":"/evidence/source?url=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fsecurity-vulnerabilities-identified-in-moment-js-v2-24-0%2F","source_api_url":"/api/evidence/source?url=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fsecurity-vulnerabilities-identified-in-moment-js-v2-24-0%2F"}]}],"plugin":{"active_installs":10000,"api_url":"/api/plugins/events-widgets-for-elementor-and-the-events-calendar","downloaded":378454,"name":"Events Widgets For Elementor And The Events Calendar","rating":90.0,"slug":"events-widgets-for-elementor-and-the-events-calendar","tags":["elementor widget","event calendar","events","events calendar","the events calendar"],"url":"/plugin/events-widgets-for-elementor-and-the-events-calendar"},"conversation":{"url":"https://wordpress.org/support/topic/security-vulnerabilities-identified-in-moment-js-v2-24-0/","slug":"events-widgets-for-elementor-and-the-events-calendar","source":"support","title":"Security Vulnerabilities Identified in moment.js v2.24.0","author":"grreingold2","published_at":"2025-10-16T15:44:00+00:00","resolved":true,"reply_count":3,"collected_at":"2026-06-10T08:15:59+00:00","body_summary":"During a recent security scan conducted earlier this week, we identified that your plugin is using the JavaScript library moment.js, version 2.24.0 , which contains known major vulnerabilities: CVE-2022-31129 CVE-2022-24785 Could you update moment.js as soon as possible..."},"analysis":{"affected_feature":"elementor","analyzed_at":"2026-06-10T08:16:04+00:00","complaint_types":["security","bugs","compatibility","support"],"confidence":0.68,"conversation_url":"https://wordpress.org/support/topic/security-vulnerabilities-identified-in-moment-js-v2-24-0/","evidence_quote":"Security Vulnerabilities Identified in moment.js v2.24.0 During a recent security scan conducted earlier this week, we identified that your plugin is using the JavaScript library moment.js, version 2.24.0 , which contains known major vulnerabilities: CVE-2022-31129 CVE-2022-24785 Could you update moment.js as soon as possible please?","intent":"question","issue_labels":["security","bugs","compatibility","support"],"model":"heuristic-v1","opportunity_relevance":0.94,"praise_types":["support"],"sentiment":"mixed","severity":"high","slug":"events-widgets-for-elementor-and-the-events-calendar","source":"support","summary":"Security Vulnerabilities Identified in moment.js v2.24.0: users show security, bugs, compatibility pain that may indicate a product gap."},"comments":[{"position":1,"author":"Vishali Tayal","published_at":"2025-10-17T06:56:00+00:00","body_summary":"Hi @grreingold2 , Thank you for bringing this to our attention. We’ve addressed the reported vulnerabilities related to moment.js (CVE-2022-31129 and CVE-2022-24785) . The issue has been resolved in the latest..."},{"position":2,"author":"grreingold2","published_at":"2025-10-23T19:19:00+00:00","body_summary":"Thanks! Much appreciated."},{"position":3,"author":"Vishali Tayal","published_at":"2025-10-24T04:30:00+00:00","body_summary":"Hi @grreingold2 , If our support has been helpful for you, we’d really appreciate it if you could take a minute to leave us a positive review here:..."}],"source_links":[{"source_url":"https://wordpress.org/support/topic/security-vulnerabilities-identified-in-moment-js-v2-24-0/","url":"https://wordpress.org/support/topic/security-vulnerabilities-identified-in-moment-js-v2-24-0/","original_url":"https://wordpress.org/support/topic/security-vulnerabilities-identified-in-moment-js-v2-24-0/","source_page_url":"/evidence/source?url=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fsecurity-vulnerabilities-identified-in-moment-js-v2-24-0%2F","source_api_url":"/api/evidence/source?url=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fsecurity-vulnerabilities-identified-in-moment-js-v2-24-0%2F"},{"source_url":"https://wordpress.org/plugins/events-widgets-for-elementor-and-the-events-calendar/","url":"https://wordpress.org/plugins/events-widgets-for-elementor-and-the-events-calendar/","original_url":"https://wordpress.org/plugins/events-widgets-for-elementor-and-the-events-calendar/","source_page_url":"/plugin/events-widgets-for-elementor-and-the-events-calendar","source_api_url":"/api/plugins/events-widgets-for-elementor-and-the-events-calendar"}],"source_link_count":2,"market_key":"events","market_name":"Events","market_url":"/markets/events","opportunity_url":"/opportunities/events","opportunity_card":{"key":"booking-revenue","name":"booking revenue assurance","family_key":"booking-revenue","family_name":"booking revenue assurance","family_label":"booking revenue assurance","display_name":"Events booking flow assurance","opportunity_name":"Events booking flow assurance","opportunity_label":"Events booking flow assurance","decision_bucket":"proof_blocked","commercial_readiness_status":"needs_family_proof","commercial_readiness_label":"Needs family proof","validation_ready":false,"is_build_worthy":false,"row_role":"opportunity_family","recommendation_role":"commercial_opportunity_candidate","buyer":"service businesses and booking-site builders","who_buys":"service businesses and booking-site builders","primary_buyer_segment":"service businesses taking online bookings","urgent_problem":"Booking failures directly cost appointments, staff time, and customer trust.","problem":"Booking failures directly cost appointments, staff time, and customer trust.","pain":"Booking failures directly cost appointments, staff time, and customer trust.","what_to_build":"Events booking flow assurance for keeping booking availability and appointment flows working","first_validation_wedge":"test events availability, booking notifications, payment handoffs, and calendar sync","mvp_wedge":"test events availability, booking notifications, payment handoffs, and calendar sync","wedge":"test events availability, booking notifications, payment handoffs, and calendar sync","source_count":12,"source_link_count":12,"next_action":"Finish the missing outside proof, then test buyer urgency with service businesses taking online bookings: test events availability, booking notifications, payment handoffs, and calendar sync.","family_dossier_url":"/opportunities/families/booking-revenue/dossier","opportunity_family_dossier_url":"/opportunities/families/booking-revenue/dossier","family_dossier_api_url":"/api/opportunities/families/booking-revenue/dossier","opportunity_family_dossier_api_url":"/api/opportunities/families/booking-revenue/dossier","urls":{"dossier":"/opportunities/families/booking-revenue/dossier","family":"/opportunities?family=booking-revenue"},"api_urls":{"dossier":"/api/opportunities/families/booking-revenue/dossier","family":"/api/opportunities/families?family=booking-revenue"},"family_url":"/opportunities?family=booking-revenue","opportunity_family_url":"/opportunities?family=booking-revenue","opportunity_family_api_url":"/api/opportunities/families?family=booking-revenue","commercial_gate_status":"complete","commercial_gate_label":"Gate complete","commercial_card_status":"complete","commercial_card_missing_count":0},"commercial_card_summary":{"status":"complete","status_label":"complete","missing_count":0,"passed":9,"required":9,"summary":{}},"commercial_card_checklist":[{"key":"what_to_build","label":"What to build","passed":true,"status":"pass","detail":"Events booking flow assurance for keeping booking availability and appointment flows working"},{"key":"specific_buyer","label":"Specific buyer","passed":true,"status":"pass","detail":"service businesses and booking-site builders"},{"key":"urgent_problem","label":"Urgent problem","passed":true,"status":"pass","detail":"Booking failures directly cost appointments, staff time, and customer trust."},{"key":"competitor_gap","label":"Competitor gap","passed":true,"status":"pass","detail":"Gap to test: can buyers test events availability, booking notifications, payment handoffs, and calendar sync before booking, payment, and calendar-flow risk. pain: booking or availability failure risk (8 signals). weak-i"}],"family_key":"booking-revenue","family_name":"booking revenue assurance","opportunity_family_key":"booking-revenue","opportunity_family_name":"booking revenue assurance","buyer":"service businesses and booking-site builders","what_to_build":"Events booking flow assurance for keeping booking availability and appointment flows working","urgent_problem":"Booking failures directly cost appointments, staff time, and customer trust.","problem":"Booking failures directly cost appointments, staff time, and customer trust.","competitor_gap":"Gap to test: can buyers test events availability, booking notifications, payment handoffs, and calendar sync before booking, payment, and calendar-flow risk. pain: booking or availability failure risk (8 signals). weak-incumbent evidence gives 206 teardown signal(s). Entry wedge: test events availability, booking notifications, payment handoffs, and calendar sync.","proof_support":"Proof base: outside proof that buyers already pay around the workflow, paid-adjacent plugin or pricing signals, repeated WordPress pain, and weak incumbent coverage around keeping booking availability and appointment flows working.","needs_validation":"finish the missing outside proof, then test buyer urgency with service businesses taking online bookings: test events availability, booking notifications, payment handoffs, and calendar sync.","what_still_needs_validation":"finish the missing outside proof, then test buyer urgency with service businesses taking online bookings: test events availability, booking notifications, payment handoffs, and calendar sync.","commercial_attractiveness":"Commercial pull comes from service businesses taking online bookings: booking failures directly cost appointments, staff time, and customer trust. The first paid wedge is to test events availability, booking notifications, payment handoffs, and calendar sync. Revenue can come from booking monitors, calendar/payment integrations, no-show analytics, alerts, and multi-location controls.","first_validation_wedge":"test events availability, booking notifications, payment handoffs, and calendar sync","mvp_wedge":"test events availability, booking notifications, payment handoffs, and calendar sync","decision_bucket":"proof_blocked","decision_bucket_label":"Proof Blocked","api_urls":{"evidence":"/api/evidence?slug=events-widgets-for-elementor-and-the-events-calendar","market":"/markets/events","opportunity":"/opportunities/events","plugin":"/api/plugins/events-widgets-for-elementor-and-the-events-calendar","source":"/api/evidence/source?url=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fsecurity-vulnerabilities-identified-in-moment-js-v2-24-0%2F","wordpress":"https://wordpress.org/support/topic/security-vulnerabilities-identified-in-moment-js-v2-24-0/","family":"/api/opportunities/families?family=booking-revenue","dossier":"/api/opportunities/families/booking-revenue/dossier"},"commercial_readiness":{"total":35,"validation_ready":0,"core_validation_ready_rows":0,"family_wide_validation_ready_rows":0,"core_only_validation_ready_rows":0,"validation_scope_status":"not_ready","validation_scope_label":"Not ready","validation_scope_warning":"","validation_scope_counts":[{"scope":"not_validation_ready","label":"Not validation-ready","count":35}],"blocker_count":68,"caution_count":0,"status_counts":[{"status":"needs_external_proof","label":"Needs outside proof","count":34},{"status":"needs_family_proof","label":"Needs family proof","count":1}],"blocker_counts":[{"label":"Outside proof needed: not validated","count":34},{"label":"Commercial gate not complete: proof blocked","count":34}],"caution_counts":[],"ready_for_buyer_validation":0,"needs_external_proof":34,"needs_family_proof":1,"needs_report":0,"needs_thesis_detail":0,"needs_thesis_sharpening":0,"research_first":0,"research_only":0,"hold":0,"unclassified":0,"core_wedge_validation_ready_rows":0,"full_family_validation_ready_rows":0,"scope_limited_validation_rows":0,"full_family_claim_ready_rows":0,"validation_claim_scope_policy":"Core-only validation rows are worth buyer testing, but they must not be presented as full-family commercial opportunities until family_wide_validation_ready is true."},"readiness_summary":{"total":35,"validation_ready":0,"core_validation_ready_rows":0,"family_wide_validation_ready_rows":0,"core_only_validation_ready_rows":0,"validation_scope_status":"not_ready","validation_scope_label":"Not ready","validation_scope_warning":"","validation_scope_counts":[{"scope":"not_validation_ready","label":"Not validation-ready","count":35}],"blocker_count":68,"caution_count":0,"status_counts":[{"status":"needs_external_proof","label":"Needs outside proof","count":34},{"status":"needs_family_proof","label":"Needs family proof","count":1}],"blocker_counts":[{"label":"Outside proof needed: not validated","count":34},{"label":"Commercial gate not complete: proof blocked","count":34}],"caution_counts":[],"ready_for_buyer_validation":0,"needs_external_proof":34,"needs_family_proof":1,"needs_report":0,"needs_thesis_detail":0,"needs_thesis_sharpening":0,"research_first":0,"research_only":0,"hold":0,"unclassified":0,"core_wedge_validation_ready_rows":0,"full_family_validation_ready_rows":0,"scope_limited_validation_rows":0,"full_family_claim_ready_rows":0,"validation_claim_scope_policy":"Core-only validation rows are worth buyer testing, but they must not be presented as full-family commercial opportunities until family_wide_validation_ready is true."},"evidence_summary":{"total":1,"source_evidence_rows":0,"source_link_rows":1,"source_count_only_rows":0,"missing_source_evidence_rows":0,"source_evidence_not_applicable_rows":0,"source_link_coverage_percent":100.0,"evidence_required_rows":0,"evidence_required_rows_missing_source_links":0,"build_worthy_rows_missing_source_links":0,"decision_rows_missing_source_links":0,"missing_source_examples":[]},"cache":{"source":"durable_research_stale","generated_at":"2026-06-10T13:18:46+00:00","age_seconds":8811},"row_role":"supporting_evidence","recommendation_role":"evidence_input","evidence_role":"supports_opportunity_family","promotion_status":"linked_opportunity","promotion_status_label":"Evidence linked to opportunity","promotion_reason":"This row is supporting evidence linked to a commercial opportunity family, not the build-worthy opportunity itself.","is_build_worthy":false,"worth_validating":false,"build_worthy_scope":"opportunity_family","build_worthy_family_key":"booking-revenue","opportunity_decision_status":"supporting_evidence"}